<?php
/*Contains all function needed for ADFS system except for reports
*/
/**
    Validates a user against user name company code and password,
    @param username, String
    @param password, string, in MD5 encoding
    @param companyCode, String
    @return recortd containg the user id and company id, dbSchema, language -1 if the query returned zero or more than one rows
    @author Ghassan Al-Noubani
*/
function validateUser($username, $password, $companyCode)
{
    $query = 
        "SELECT
            a.id userId, b.id companyId, b.db_user dbSchema, b.language
        FROM
            adfs_user a, adfs_company b
        WHERE
            a.adfs_company_id = b.id AND
            a.username = '".$username."' AND
            a.password = '".$password."' AND
            b.code = '".$companyCode."'";
     //execute the query and return results based on documentation above
    
}
/**
    Gets a comma separated String of all the branches that the user has access to
    @author Ghassan Al-Noubani
*/
function getBranches()
{
    $query = 
        "SELECT
            a.branch_id
        FROM
            adfs_user_branches a, ".$_SESSION['dbSchema']."CSBRNCOD b
        WHERE
            a.branch_id = b.CS_BRN_CODE AND
            a.adfs_user_id = ".$_SESSION['userId']."
        ORDER BY
            a.branch_id";
            
     //execute the query, put all the results in comma separated string and store them in session variable $_SESSION['branches']
}

/**
    Checks if the current user has admin privillege
    @return boolean, true if he has the privillege, false otherwise
    @author Ghassan Al-Noubani
    
*/
function isAdmin()
{
    $query = 
        "SELECT
           a.admin 
        FROM
            adfs_user a
        WHERE
            a.id = ".$_SESSION['userId'];
    
    
    //Execute the above query, if it returned 1 return true, else return false
}
/**
    Checks if the current user has upload privillege
    @return boolean, true if he has the privillege, false otherwise
    @author Ghassan Al-Noubani
    
*/
function isUploader()
{
    $query = 
        "SELECT
           a.upload_user
        FROM
            adfs_user a
        WHERE
            a.id = ".$_SESSION['userId'];
    
    
    //Execute the above query, if it returned 1 return true, else return false
}
/**
    Checks if the current user has report privillege
    @return boolean, true if he has the privillege, false otherwise
    @author Ghassan Al-Noubani
    
*/
function isReportUser()
{
    $query = 
        "SELECT
           a.report_user
        FROM
            adfs_user a
        WHERE
            a.id = ".$_SESSION['userId'];
    
    
    //Execute the above query, if it returned 1 return true, else return false
}


?>
